package com.wangc.servlet;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import com.wangc.tools.DB_tool;

public class EnterDB {
	
	public static boolean login(String username, String password,HttpServletRequest request){
		Connection conn = DB_tool.getCon();
		boolean flag = false;
		String sql = "";
		try {
			sql = "select user_id from userinfo where username=? and password=?";
			PreparedStatement pst = conn.prepareStatement(sql);
			pst.setString(1, username);
			pst.setString(2, password);
			System.out.println(sql);
			ResultSet rs = pst.executeQuery();
			//System.out.println(rs.first());
			if(rs.next()){
				HttpSession session = request.getSession();
				session.setAttribute("username", username);
				session.setAttribute("password", password);
				session.setAttribute("login", "1");  //登录成功 login = 1
				String user_id = rs.getString("user_id");
				session.setAttribute("user_id", user_id);
				flag = true;
			}
			pst.close();
			conn.close();
		} catch (SQLException e) { e.printStackTrace(); }
		
		return flag;
	}
}
